Re: PEM_read_PrivateKey does not return private key
I have a private CA certificate created using the openssl command line. The issue is that the certificate expires on 19th Oct, 2007. The question is: is it possible to extend the expiry of this certificate without changing any other fields in the certificate? Basically, I want to continue using this CA Cert to sign end-user certs for a longer time. Any help will be appreciated. Thanks.

Use the same key and the same DN and the cert will continue to act as a valid CA for any other certs you have signed. However, any site that has cached your CA cert will have to get the new one. Theirs will expire soon.

Jim

__ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Changing the expiry date of a cert
This was a certificate authority certificate. As such, the renewal has to have the same key and DN as the original in order to continue being a CA for previously signed certificates.

Jim

On Oct 17, 2007, at 5:54 PM, David Schwartz wrote:

It seems to me that the OP is indeed asking something else entirely different from the question which you yourself seem to have posed and then immediately failed to answer. He's asking "Is it possible to extend the expiry of this certificate without changing any other fields in the certificate?" to which it seems that the answer is Yes,

How could the answer be anything other than yes? Could there be some mysterious force that compels you to change other fields? Or you can argue that the answer is no, since you have to at least change the signature and you pretty much have to change the serial number.

And the OP replies: Yes. That's what I was trying to ask. So, how can I change the expiry date of an existing certificate without changing any other field? Is there any openssl command that I may use?

Did you not read or understand my answer? There is no difference between changing the date on the old certificate and issuing a new certificate. If you know how to issue a new certificate, you know how to change the date on an existing one because THERE IS NO DIFFERENCE BETWEEN THESE TWO THINGS other than philosophical differences.

If you issue a new certificate that is the same as the old except for the serial number, how will anyone know you didn't just change the serial number on the old one? Will they somehow be the same bits and not new bits? IT MAKES NO DIFFERENCE. The question, as asked, is purely philosophical.

Just issue a new certificate the same way you issued the original one, changing only the expiration date (and the signature, if you want). Tell everyone you changed the expiration date on the original, they won't be able to tell that you're lying.

If you don't know how to or can't issue a new certificate with a new expiration date, then you can't change the expiration date on the old one either. Why? BECAUSE THEY'RE THE SAME THING. They're just two different ways of saying the same thing.

If your driver's license expires, you can change the expiration date on the license and reprint it. Or you can get a new license with a new expiration date. The difference is -- wait for it -- nothing at all. It's the same thing. The same procedure to issue a new license with a new expiration date can be said to reissue the original license with a new expiration date. The only thing that makes it new or reissued is the difference between the two licenses which is just the expiration date!

Sorry if this sounds like insane ranting. I'm really trying to be helpful, but it seems like it didn't sink in the first time.

DS
Re: 64 bit openssl install
I have tried:

    ./config --prefix=/usr/bin --openssldir=/usr/local/openssl
    make
    make test
    make install

This would have installed openssl into /usr/bin/lib, /usr/bin/bin, /usr/bin/include, ... You might have wanted --prefix=/usr

Jim
Re: One SSL certificate for foo.bar.org and bar.org?
Is it possible to have one (self-signed) SSL certificate for a server that is known as foo.bar.org (internal LAN name) and bar.org (FQDN on the Internet)? A wildcard certificate doesn't seem to be a solution since it seems to be a subdomain only solution.

Include all the names you want to use as SubjectAltNames.

Jim
Re: These steps ok to create mini-CA self signed server cert?
My question asked earlier and helpfully answered by Jim Fox opened a whole can of worms for me. Googling around I found no two sites that to my untrained eye seem to do these steps in the same way. So I borrowed a few bits and pieces here and there and came up with these very newbie steps to create a local mini-CA (think that's the term) which will be used to sign a certificate for a local server to test secure web mail. Would anyone in the know please be so kind to tell me if these steps are correct and if not rectify them? If you feel generous please enlighten me how I can add to the server certificate a second hostname with SubjectAltNames :)

I don't use the openssl app for its CA tools, but I believe you must edit the openssl.cnf file. In it there is a [ req ] section with a req_extensions parameter (may be commented out). Uncomment it and go to where it points (often 'v3_req'). In the v3_req section add

    subjectAltName=DNS:foo.bar.edu,DNS:bar.edu

That will add the names to your request. I think the default for openssl's CA signer is to preserve the alt names. Don't know of any command-line option to openssl to do this.

Jim
Re: BIO_set_nbio_accept functionality
So beyond the BIO_do_accept, I used the openssl client program to connect to my server. I was expecting the above to make all the sockets non-blocking, but when I called SSL_read in my code it seems to block for data. I tried using the BIO_set_nbio and BIO_set_nbio_accept calls but no joy. Basically I am trying to make all the socket calls non-blocking, what am I missing?

As far as I know you have to separately do the non-blocking setup for both the listen socket and the accept socket. What works for me is this: (continuing from your previous example)

    .. previous listening code .. (with the BIO_set_nbio_accept)

    acceptRet = BIO_do_accept(sock);
    if (acceptRet > 0) {
        BIO* client = NULL;
        SSL* ssl = NULL;
        client = BIO_pop(sock);
        ssl = SSL_new(gCtx);

then something like:

        SSL_set_bio(ssl, client, client);
        SSL_set_accept_state(ssl);
        int sl = 1;
        /* FIONBIO takes a pointer to the flag value */
        BIO_socket_ioctl(SSL_get_fd(ssl), FIONBIO, &sl);

I suppose it's a full circle return to the 'everybody uses BIO_socket_ioctl', but it does work.

Jim
Re: BIO_set_nbio_accept functionality
Doesn't need a faq. The man page says the purpose of the BIO_set_nbio_accept macro is to set blocking or non-blocking mode. Seems like that's what it will do.

Jim

On Sep 3, 2007, at 11:31 AM, Jim Marshall wrote:

Jim Marshall wrote:

I'm looking at using non-blocking I/O in some places in my code, and I have a question. The 'BIO_set_nbio_accept' says it will set the underlying socket to blocking/non-blocking mode, but all the examples and stuff I see say to use 'BIO_socket_ioctl(SSL_get_fd(ssl),FIONBIO,sl)'. Can 'BIO_set_nbio_accept' be used to change the state of an SSL socket?

Thank you
Jim

No one has a comment on this? Did I miss something in a FAQ or something?
Re: Choose server certificate based on client IP address?
Is it possible to use a different server certificate based on the client IP address? I am attempting to get a TCP connection, check the source IP, and then create an SSL context with the correct certificate, and establish an SSL connection using that context. It doesn't seem to be working, but I can't tell exactly what's going wrong. Is it something in my implementation or is my method completely wrong? If so, is there any way to accomplish my goal?

Looks like an implementation issue. Your method will work.

Jim
RE: domain check vs pubkey check
You are in a place where theory and practice converge. The security model assumes you don't trust a CA (in the technical sense) if you don't trust the CA (in the normal sense). It is built around the assumption that a client's list of trusted CAs will be intelligently managed to include only those whose certificate issuing policies are acceptable to the use the client software will be put. The reality is that the human being using the software may not even have any idea that his software contains a list of trusted CAs. The odds that he knows any given CA's security policy is even lower.

We use certificate authentication quite a bit between our clients and servers at the University of Washington -- and we trust only certificates issued by our own CA and none by anyone else. That's how we deal with the 'loosely trusted' CA problem.

Jim
Re: Reading RSA private/public key from a keyfile
One way is 'PEM_read_PrivateKey', which reads a private key (PEM in this case) from a FILE*.

Jim

On Jul 22, 2007, at 7:55 PM, Nagendra Tomar wrote:

Hi

I would like to know if there is a libcrypto API to read a public/private key from a keyfile and populate the RSA structure, so that one can do other operations (encrypt, sign, decrypt, verify) using that RSA struct. What I am looking for is an equivalent of SSL_use_RSAPrivateKey_file for the RSA context.

IOW, one can call RSA_generate_key() to get an RSA structure which is already loaded with the RSA keys and hence can be directly used as a valid argument to RSA_{public|private}_encrypt, RSA_{public|private}_decrypt, RSA_sign and RSA_verify functions. But if I have an already generated key (common case) which I would like to be used for the above operations, how do I get that key inside the RSA struct?

I've noticed that programs which need to do this, e.g. openssl, openssh etc, they all do it by hand, reading the key from the file and populating the RSA struct. Is there an API for doing this and if not, I would be curious to know why, as this seems like a very common use-case to me.

Thanx,
Tomar
Re: Problem with EVP_CipherFinal_ex
I understand that, when encrypting, the last block has to be padded to encrypt it and so I do, but I don't save to the encrypted file the padded bytes, because I need the encrypted data to be the same size as the original.

You have to save the entire encrypted block. cipher_final will tell you the length of the padded and encrypted block.

What I don't understand is, if I enable padding on decrypt too, why EVP_CipherFinal_ex fails to pad it? Should I pad it myself before starting to decrypt?

The EVP_CIPHER_CTX_set_padding only applies to encryption, and is enabled by default - so you don't need it anywhere. When decrypting cipher_final will tell you the length of the decrypted data.

Jim
Re: Problem with EVP_CipherFinal_ex
You have to save the entire encrypted block. cipher_final will tell you the length of the padded and encrypted block.

So, should I assume that encrypted buffer will always be a multiple of block_size ... I would say that my application can't allow that though.

Why do you care at all? Just make sure your buffer to hold the encrypted data is at least one block_size longer than the original text length.

When decrypting cipher_final will tell you the length of the decrypted data.

But how can I know how many bytes long was the original buffer? (since each one will have different lengths, but when decrypting, all will be padded up to multiple of block size)

Because cipher_final TELLS YOU. The length it returns is the length of the original text. It doesn't do any padding on decryption.

Jim
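
The length arithmetic behind the two padding threads above, as an added example that is not OpenSSL code and not from the thread. OpenSSL's EVP block ciphers use PKCS padding by default; this applies that padding to a plain buffer with no cipher, and the 16-byte block size and the function names are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Length after PKCS#7 padding: the data always grows by 1..bs bytes,
 * so the result is a multiple of bs. Requires bs > 0. */
size_t padded_len(size_t n, size_t bs) { return n + (bs - n % bs); }

/* Pad in[0..n) into out. Returns the padded length, or 0 if the block
 * size is unusable or out is too small (it needs up to n + bs bytes). */
size_t pkcs7_pad(const unsigned char *in, size_t n, size_t bs,
                 unsigned char *out, size_t cap)
{
    if (bs == 0 || bs > 255) return 0;
    size_t total = padded_len(n, bs);
    if (total > cap) return 0;
    unsigned char pad = (unsigned char)(total - n);
    memcpy(out, in, n);
    memset(out + n, pad, pad);   /* every pad byte holds the pad count */
    return total;
}

/* What the final decrypt step does with the last block: read the pad
 * count from the last byte, validate it, and report the original
 * length. Returns -1 if the buffer is not validly padded, which is
 * what happens when the padded bytes were not saved. */
long pkcs7_unpad(const unsigned char *buf, size_t len, size_t bs)
{
    if (bs == 0 || len == 0 || len % bs != 0) return -1;
    unsigned char pad = buf[len - 1];
    if (pad == 0 || pad > bs) return -1;
    for (size_t i = len - pad; i < len; i++)
        if (buf[i] != pad) return -1;
    return (long)(len - pad);
}

int main(void)
{
    /* Constructed sample plaintext. */
    const unsigned char msg[] = "hello";
    unsigned char out[32];
    size_t n = pkcs7_pad(msg, 5, 16, out, sizeof out);
    printf("5 bytes pad to %zu; unpad gives %ld\n", n, pkcs7_unpad(out, n, 16));
    printf("truncated to 5 bytes: unpad gives %ld\n", pkcs7_unpad(out, 5, 16));
    return 0;
}
```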
Re: How to prevent SSL from blocking from Network interruption
I have a single threaded test application (Red Hat Linux release 9 - Shrike), OpenSSL 0.9.8. I found that it's possible to permanently hang a thread receiving SSL calls if a network interruption occurs during an established connection.

This is the way TCP works. There's a couple of minute timeout built into it. You can circumvent this behavior by setting your ssl sockets to non-blocking, but if you can switch to threaded processing that'd be the easier way to go.

Sometime after you create each socket do something like this:

    int sl = 1;
    SSL *ssl;
    ...
    // set ssl socket nonblocking (FIONBIO takes a pointer to the flag)
    if (BIO_socket_ioctl(SSL_get_fd(ssl), FIONBIO, &sl) < 0) {
        // report an error
    }

Then you have to deal with the likelihood that every ssl operation will return a would block: either an SSL_ERROR_WANT_READ or an SSL_ERROR_WANT_WRITE. When you get either of these you can retry the same operation later.

Here's a library that demonstrates non-blocking SSL IO: http://staff.washington.edu/fox/ezs/

Jim
Re: How to prevent SSL from blocking from Network interruption
Date: Thu, 19 Jul 2007 16:09:59 -0400
From: Jim Marshall [EMAIL PROTECTED]
To: openssl-users@openssl.org
Reply-To: openssl-users@openssl.org
Subject: Re: How to prevent SSL from blocking from Network interruption

Victor Duchovni wrote:

On Thu, Jul 19, 2007 at 03:54:55PM -0400, Jim Marshall wrote:

I'm also not sure I understand your answer "This is the way TCP works." When we disconnect the network cable the connection never times out (we left it for at least 30 minutes).

TCP only disconnects quickly when a writer re-transmits unacked data. TCP never[1] disconnects when a reader waits for more data, this requires an application timeout.

I agree it requires a time-out, but since we are in the openSSL library (waiting for the hello message) there is nothing I can do in my application. Is there a setting I can pass to SSL to tell it to time-out? As for 'keepalive', I don't think that will help if the telnet session is still connected (e.g. telnet will ack the keep-alive requests).

That's why you use non-blocking rather than keepalive.

Jim
Re: How to prevent SSL from blocking from Network interruption
On Jul 19, 2007, at 9:45 PM, Jim Marshall wrote:

Jim Marshall wrote:

David Schwartz wrote:

OpenSSL tries to make SSL connections act like regular TCP connections. This is exactly what TCP does. So your application would have this exact same problem with or without OpenSSL. As such, how can you blame it on OpenSSL?

Not to beat a dead horse, but I forgot to mention that the application does work properly when performing the same operations on non-SSL connections. In other words if I use telnet to connect to the server on the non-SSL port and type nothing in the console and then have a second client connect (to either the non-SSL or the SSL port) and make a valid request, the server responds properly. The telnet session is still connected, but we are not blocked from handling other requests. The WEBs code uses the socket 'select' mechanism which I presume plays a role in this working. I do not understand why this same mechanism fails when we use SSL.

The 'same mechanism' is not failing when you use openssl. You're just not doing it right. If you set your SSL sockets to non-blocking and include any SSL socket 'want-read' and 'want-write' in your selects everything will work. There is no magic bullet though. SSL is more complex than telnet and you have to deal with that complexity.

Jim
Re: Base64 encoding with BIO_new_mem_buf
One other issue though: the base64 encoded string contains a new line character at the end. Is there a way through the api to not include it?

It is characteristic of openssl to insert linebreaks in both base64 and PEM encodings --- and to require them when it decodes data. If for some reason you don't want the newlines you may have to delete them all, not just the one at the end. Ditto for PEM data. Remember though that if you want to decode either with openssl you'll have to put the newlines back.

Anyone consuming PEM or base64 will be more interoperative if they handle encoded data both with and without linebreaks.

Jim
Re: Base64 encoding with BIO_new_mem_buf
But what I really want is the encoded string in a char buffer. And so I comment out 2 and use 1 instead. As it's supposed to write the encoded string into a buffer, but the problem here is pEncBuf is empty even though bytesWritten says it wrote 4 bytes. And I can't explain why it won't work.

Your code is creating a mem buf of zero length. The second argument to BIO_new_mem_buf is the actual length of the buffer.

Jim
Re: Base64 encoding with BIO_new_mem_buf
And yeah even with the correct size it still doesn't work.

The BIO_new_mem_buf creates a read-only buffer. If you want to write to memory use

    bio = BIO_new(BIO_s_mem());

and use BIO_get_mem_ptr to get a pointer to the buffer.

Jim
Re: How to set my custom information in certificate
Thanks. But it seems that I must add my custom information as extension when the certificate is being created. Can I add to the certificate which has already been created?

No. Once the certificate has been signed it's done. If you want to change anything you have to re-sign (recreate) it.

Jim
Re: newbie: set cert time validity
On Jul 12, 2007, at 9:29 PM, imin macho wrote:

hi... i'm a noob in openssl.. my employee asked me to edit our c++ cert issuer engine developed using openssl. currently the cert generated will be valid based on the time we generate it. for example, if i generate a cert at 13 july 2007 1:30pm and set its validity for 5 days, the cert will be valid only till 18 july 2007 1:30 pm.. what should I do to make the cert valid till 11:59pm on that day? This is what my boss asked me to do.. please help.. any help is greatly appreciated.

Cert signing routines generally set the not-before and not-after times relative to now. So you'll need to find a time in seconds that represents midnight of some day. Then find the difference from that time to now.

Do a UNIX 'man mktime'. It describes several routines that manipulate a tm structure. Basically, you convert the current expire time to a tm struct, set the day to what you want, set the hour, minute, and second to maximum, and convert back to a time_t.

Jim
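
The tm-struct round trip described in the reply above, as an added example that is not from the thread or from the poster's issuer engine. The function names are hypothetical, "end of day" is taken to mean 23:59:59 in the issuing host's local time zone, and the resulting offset is what a signing routine that works relative to now (for instance OpenSSL's X509_gmtime_adj) would be given.

```c
#include <stdio.h>
#include <time.h>

/* Return the instant 23:59:59 local time on the calendar day that is
 * `days` days after `now`, or (time_t)-1 on failure. */
time_t end_of_day_after(time_t now, int days)
{
    struct tm *lt = localtime(&now);
    if (lt == NULL)
        return (time_t)-1;
    struct tm tm = *lt;      /* copy: localtime() returns static storage */
    tm.tm_mday += days;      /* mktime() normalises overflow into month/year */
    tm.tm_hour = 23;
    tm.tm_min = 59;
    tm.tm_sec = 59;
    tm.tm_isdst = -1;        /* let mktime() decide whether DST applies */
    return mktime(&tm);
}

/* Seconds from `now` to that instant: the relative not-after offset.
 * Returns -1 on failure. */
long validity_seconds(time_t now, int days)
{
    time_t end = end_of_day_after(now, days);
    if (end == (time_t)-1)
        return -1;
    return (long)difftime(end, now);
}

/* Constructed sample matching the question: 13 July 2007, 13:30 local. */
time_t sample_issue_time(void)
{
    struct tm tm = {0};
    tm.tm_year = 2007 - 1900;
    tm.tm_mon = 6;           /* months count from 0, so 6 is July */
    tm.tm_mday = 13;
    tm.tm_hour = 13;
    tm.tm_min = 30;
    tm.tm_isdst = -1;
    return mktime(&tm);
}

int main(void)
{
    time_t now = sample_issue_time();
    time_t end = end_of_day_after(now, 5);
    char buf[64];
    if (end == (time_t)-1)
        return 1;
    strftime(buf, sizeof buf, "%Y-%m-%d %H:%M:%S", localtime(&end));
    printf("notAfter (local): %s, offset from now: %ld s\n",
           buf, validity_seconds(now, 5));
    return 0;
}
```

Certificate validity fields are stored in UTC, so a verifier in another time zone sees the same instant at a different wall-clock hour.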
Re: openssl function to convert pkcs#8
I have another problem now, I want to convert a pkcs#1 to a pkcs#8 using the openssl function. I noticed that there is a PEM_write_PKCS8PrivateKey(), but I believe it produces a pkcs#1 public key, so how do I get a pkcs8 public key?

pkcs8 is just for private keys. There isn't any pkcs8 public key format.

Jim
Re: PEM returns null
What I am trying to accomplish is create a remote application with an embedded private key that can securely retrieve a small block of data.

Is there somewhere a public key to go with this private key?

I assume the RSA header and footer line are unnecessary?

Bad assumption. Both are part of PEM.

Will the lack of line feeds cause any issues?

Will cause everything to fail. Openssl requires PEM lines to be broken at 64 chars.

Jim
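
Putting the newlines and the header and footer lines back, as the base64 thread and the reply above both call for, as an added example that is not OpenSSL code and not from either thread. The function names are hypothetical and the sample body is constructed base64 text, not a key.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define PEM_LINE 64   /* body line width the reply above says openssl requires */

/* Append n bytes to out at *pos, keeping it NUL-terminated. 0 on success. */
static int put(char *out, size_t cap, size_t *pos, const char *src, size_t n)
{
    if (*pos + n + 1 > cap) return -1;
    memcpy(out + *pos, src, n);
    *pos += n;
    out[*pos] = '\0';
    return 0;
}

/* Rebuild a PEM block from a base64 body that may have lost its line
 * breaks. Whitespace in b64 is ignored; any other non-base64 byte is an
 * error. Returns the output length, or -1 on bad input or short buffer. */
int pem_rewrap(const char *label, const char *b64, char *out, size_t cap)
{
    char line[128];
    size_t pos = 0, col = 0;
    int n = snprintf(line, sizeof line, "-----BEGIN %s-----\n", label);
    if (n < 0 || (size_t)n >= sizeof line || put(out, cap, &pos, line, (size_t)n))
        return -1;
    for (const char *p = b64; *p; p++) {
        unsigned char c = (unsigned char)*p;
        if (isspace(c)) continue;
        if (!isalnum(c) && c != '+' && c != '/' && c != '=') return -1;
        if (col == PEM_LINE) {          /* line full: break before next char */
            if (put(out, cap, &pos, "\n", 1)) return -1;
            col = 0;
        }
        if (put(out, cap, &pos, p, 1)) return -1;
        col++;
    }
    if (col > 0 && put(out, cap, &pos, "\n", 1)) return -1;
    n = snprintf(line, sizeof line, "-----END %s-----\n", label);
    if (n < 0 || (size_t)n >= sizeof line || put(out, cap, &pos, line, (size_t)n))
        return -1;
    return (int)pos;
}

/* Longest line in s, not counting the newline; used to check the wrap. */
size_t longest_line(const char *s)
{
    size_t best = 0, cur = 0;
    for (; *s; s++) {
        if (*s == '\n') { if (cur > best) best = cur; cur = 0; }
        else cur++;
    }
    return cur > best ? cur : best;
}

int main(void)
{
    /* Constructed body: 130 base64 characters on one line, not a real key. */
    char body[131], out[512];
    for (int i = 0; i < 130; i++) body[i] = "QUJD"[i % 4];
    body[130] = '\0';
    if (pem_rewrap("RSA PRIVATE KEY", body, out, sizeof out) < 0) return 1;
    fputs(out, stdout);
    return 0;
}
```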
Re: using an embedded private key
PEM_read_bio_RSAPrivateKey() returns a BIO *, not a EVP_PKEY *. So, I am passing the wrong argument type when I call EVP_PKEY_get1_RSA(). Did I use the wrong call, or am I missing a call?

PEM_read_bio_RSAPrivateKey returns an (RSA*) and you're done. You don't need or want the call to EVP_PKEY_get1_RSA.

Jim
Re: using an embedded private key
I grabbed Network Security with OpenSSL on Safari and have been reading the relevant sections.

That's a useful book.

If I understand correctly, to read an external file, decrypt it using an internal private key and write the decrypted out to internal data, I would do:

Is your file really small? RSA encryption works with integers, big ones, but smaller than the RSA key's modulus. That works out to 128 bytes max for most keys nowadays.

To encrypt general text you want to use a symmetric algorithm such as AES. If you want to do it in a public/private sort of way, generate a random key for the AES encryption, encrypt the text with that, then encrypt the AES key with your RSA public key. Do the opposite to decrypt.

Jim
Re: using an embedded private key
Yes, my data is less than 128 bytes. I ran across that when I was doing my original research and saw the approach you recommend for larger files. So for a small file, do I have the methodology correct?

Yes. Didn't try the code, but it's the right approach.

Jim
Re: using an embedded private key
So my questions are, how do I replicate what load_key() to populate pkey (EVP_PKEY *)? And, are there any data functions that can be used to replace what the BIO functions do for files?

The BIO routines work with strings as well as with files.

    BIO *rbio;
    rbio = BIO_new_mem_buf(str, strlen(str));
    if (rbio==NULL) {
        ERR_print_errors_fp(stderr);
        return (NULL);
    }

Reads from 'rbio' will get data from the string 'str'.

Jim